Automatic Trust Negotiation. Presented by: Scott Hackman. Reference: Trust-X: A Peer-to-Peer Framework for Trust Establishment, by Elisa Bertino, Elena Ferrari, Anna Cinzia Squicciarini.
Automatic Trust Negotiation
Presented by: Scott Hackman
Scott Hackman – CS5204 – Operating Systems
Reference
Trust-X: A Peer-to-Peer Framework for Trust Establishment
Elisa Bertino, Elena Ferrari, Anna Cinzia Squicciarini
What Is Trust Negotiation?
Would you give your credit card number to a website if you didn’t know who was running it? No!
The Internet is a hostile environment where identities aren’t always known. Sensitive information transfer can be dangerous under these conditions.
This paper establishes a framework to allow two parties, who may have never interacted before, to exchange information in a bilateral and incremental way to gain each other’s trust prior to divulging sensitive information.
We perform the same fundamental algorithm every day when we interact with people.
About The Paper
Trust-X: A Peer-to-Peer Framework for Trust Establishment compiles work already done in this field, along with some novel concepts added by the authors, to create an implementable architecture for Trust Establishment.
ATN is NOT Encryption
Trust Negotiation is designed to work with public key encryption: Even though you may possess an x-bit key that can’t be cracked, there is no guarantee that the person, or computer, that you are interacting with is who they say they are.
Public key encryption should be used to pass data between two entities to ensure confidential data transfer; ATN verifies identity and qualification, not data security.
XML Syntax Example
Trust-X Basics
Generally, interactions are between two entities:
- Controllers (CN)
- Requesters (RQ)
Information that is passed:
- Credentials – More sensitive information
- Declarations – Less sensitive – Ex: user preferences.
Negotiation Phase: Two parties perform a back-and-forth negotiation until both parties agree on a chain of events that will get them to their goal state (DELIV). It is important to remember that no actual data is passed during this phase (they agree when to pass credit card data in their chain, but that actual data isn’t passed yet).
Trust-X Basics
Policies: The “rules” that each entity establishes for its own protection. For example, “I won’t give an employee a rental car until I know they have a valid ID and company badge.”
Architecture for Trust-X Negotiation
Policy Example
- Employees can rent with a company badge and ID card.
- Non-employees can rent with a driver’s license and credit card.
Policies – Big Picture
How to build Trust.
Negotiation Process
Taken from Prof. Kafura’s PowerPoint, which was modified from http://www.ccs.neu.edu/home/ahchan/wsl/symposium/bertino.ppt
Well-formed chain
How do we know a set of policies will let us achieve our goal? (Decided during negotiation)
Negotiation Tree
A tree that traverses valid policies between the Controller and Requester until an agreement is reached that goes from initial communication to the DELIV state (or the Fail state if no such agreement exists).
Negotiation Tree Basics
Negotiation Tree Example
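An added example, not taken from the slides or the Trust-X paper: a simplified depth-first search over policy alternatives that plays out the negotiation phase for the rental-car policy above and ends in DELIV or FAIL. The party names, the business_license credential and the requesters' own protection policies are assumptions made for illustration.

```python
# Policies map a resource to alternative sets of counterpart credentials that
# must be disclosed first. set() = freely disclosable; no entry = never released.
AGENCY = {"name": "agency", "policies": {
    # Rental rules from the slides: badge + ID, or driver's license + credit card.
    "rental_car": [{"company_badge", "id_card"}, {"drivers_license", "credit_card"}],
    "business_license": [set()],              # assumed agency credential
}}
# Constructed requesters (their protection policies are assumptions).
EMPLOYEE = {"name": "employee", "policies": {
    "company_badge": [set()], "id_card": [set()]}}
CUSTOMER = {"name": "customer", "policies": {
    "drivers_license": [set()],
    "credit_card": [{"business_license"}]}}   # card only after agency proves itself
WARY = {"name": "wary", "policies": {
    "drivers_license": [set()],
    "credit_card": [{"rental_car"}]}}         # circular demand: cannot be satisfied


def plan(resource, owner, other, path=()):
    """Depth-first search of the policy alternatives; returns the ordered
    (party, credential) disclosures that unlock `resource`, or None."""
    key = (owner["name"], resource)
    if key in path:                 # already waiting on this: cyclic dependency
        return None
    for alternative in owner["policies"].get(resource, []):
        sequence = []
        for credential in sorted(alternative):
            # Roles swap: the counterpart must be willing to release it.
            sub = plan(credential, other, owner, path + (key,))
            if sub is None:
                break               # this alternative is a dead branch
            sequence += [step for step in sub if step not in sequence]
        else:
            return sequence + [key]
    return None


def negotiate(controller, requester, resource="rental_car"):
    """Negotiation phase only: credential names are agreed, no values are sent."""
    sequence = plan(resource, controller, requester)
    return ("DELIV", sequence) if sequence else ("FAIL", [])


if __name__ == "__main__":
    for requester in (EMPLOYEE, CUSTOMER, WARY):
        print(requester["name"], negotiate(AGENCY, requester))
```

The returned sequence is the agreed order of disclosures; the credentials themselves would only be exchanged afterwards, in that order.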
Questions?